package lumis.portal.acl;

import lumis.portal.*;
import lumis.portal.acl.IPortalAclManager;
import lumis.portal.authentication.SessionConfig;
import lumis.portal.dao.*;
import lumis.portal.manager.ManagerException;
import lumis.util.*;
import lumis.util.security.acl.*;

public class PortalAclManager extends AclManager implements IPortalAclManager
{
	public AccessControlList get(SessionConfig sessionConfig, String id, ITransaction transaction) throws PortalException
	{
		return get(sessionConfig, transaction);
	}

	public AccessControlList get(SessionConfig sessionConfig, ITransaction transaction) throws PortalException
	{
		return getAclInternal(sessionConfig, null, transaction);
	}

	public void update(SessionConfig sessionConfig, AccessControlList acl, ITransaction transaction) throws PortalException
	{
		if (!checkPermission(sessionConfig, null, PortalPermissions.MANAGE_PORTAL_SECURITY, transaction))
			throw new AccessDeniedException();

		if (!IPortalAclManager.PORTAL_ACL_ID.equals(acl.getId()))
			throw new PortalException("STR_INVALID_ACCESS_CONTROL_LIST");

		// force implied permissions
		acl.setImpliedPermissions(PortalPermissions.getImplies());

		super.update(acl, transaction);
	}

	public boolean checkPermission(SessionConfig sessionConfig, IPermission permission, ITransaction transaction) throws ManagerException, PortalException
	{
		return checkPermission(sessionConfig, null, permission, transaction);
	}

	protected AccessControlList getAclInternal(SessionConfig sessionConfig, String ignoreItemId, ITransaction transaction) throws PortalException
	{
		return getAclInternal(sessionConfig, transaction);
	}
	
	protected AccessControlList getAclInternal(SessionConfig sessionConfig, ITransaction transaction) throws PortalException
	{
		AccessControlList acl = aclCache.get(PORTAL_ACL_ID);
		if (acl == null)
		{
			acl = DaoFactory.getAccessControlDao().get(PORTAL_ACL_ID, transaction);
			aclCache.put(PORTAL_ACL_ID, acl);
			
			acl.setImpliedPermissions(PortalPermissions.getImplies());
		}

		return acl;
	}
	
	protected int getRequiredPermissions() throws PortalException
	{
		return PortalPermissions.getRequiredPermissions();
	}
}
